How Authentication Works for Net Use Command
Article ID: 149861
Article Last Modified on 2/21/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows NT Advanced Server 3.1
- Microsoft Windows NT Workstation 3.1
- Microsoft Windows NT Advanced Server 3.1
- Microsoft Windows NT Workstation 3.5
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0 Developer Edition
- Microsoft Windows NT Server 3.5
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0 Standard Edition
This article was previously published under Q149861
When you use the NET USE command to connect to a share on a server in a
domain, the following authentication process verifications take place:
- If the client's user name is in the domain's UAS account database, the
passwords are compared. If the passwords match, access is allowed to the
share. If the passwords do not match, an access denied message is
returned.
The behavior allows for backward compatibility with Windows for
Workgroups and other clients. These clients do not pass the domain name
to the Server.
- If the client's user name does not match a user name in the domain's
UAS, the domain controller checks to see if the client's domain is listed
in its trust list. If the client's domain name is on the target domain's
trust list, the domain controller communicates with the other domain to
see if the client's user account and password are valid. If so, access is
allowed to the share. If not, an access denied message is returned.
Additional query words: prodnt
Keywords: kbother KB149861